How decentralised finance has become a feast for hackers
DeFi, as it is known, has enabled large-scale theft and money laundering, adding up to billions of dollars.
Any technology that offers benefits to the world at large can also be abused by bad actors for their personal gain. Operators in the technology industry need to stamp out abuse to ensure users feel safe. Done successfully, this should see illicit use of the technology make up a diminishing share of total use over time.
This sort of progress can be seen in the cryptocurrency industry. Over the last three years, illicit activity has declined to 0.15 per cent of transactions in 2021 – a significant decrease from 3.37 per cent in 2019.
However, the Chainalysis Mid-Year Crypto Crime Update revealed that from January to July 2022, US$1.9 billion was stolen in hacks of services. Much of this can be attributed to the rise in funds stolen from decentralised finance (DeFi) protocols. As DeFi becomes more popular, it’s experiencing growing pains, with illicit activity in this sector on the rise both in raw value and as a share of all transactions. In fact, the total value received by DeFi from illicit addresses surpassed US$2 billion over the past year.
The rise of illicit DeFi transactions has hit two main areas: theft of funds through hacking and abuse of DeFi protocols for money laundering.
DeFi protocols are the go-to hacking target
DeFi protocols have become the go-to target for hackers looking to steal cryptocurrency, accounting for 97 per cent of the US$1.68 billion stolen in 2022. This is because their open source code can be studied ad nauseam by cybercriminals, and it is possible that the incentive for protocols to reach the market and grow quickly led to lapses in security best practice.
Almost US$1 billion of the stolen value has gone to groups associated with the North Korean government, entirely based on hacks of DeFi protocols.
This data goes to show that shoring up the defences of DeFi protocols against hackers isn’t only a matter of building trust with users so that DeFi can continue to grow. It’s also a matter of international security.
DeFi-based money laundering on the rise
DeFi-based money laundering has represented an increasing share of all funds sent from illicit addresses to services since 2020. Last year, DeFi protocols became the largest recipient of illicit funds, accounting for 69 per cent of all funds sent from addresses associated with criminal activity.
Why is this the case? Because DeFi protocols allow users to trade one type of cryptocurrency for another, making it more complicated to track the movement of funds. Unlike centralised services, DeFi protocols provide this ability without taking “know your customer” (KYC) information from users, which is a win for criminals.
It is also another area where North Korean hackers are leading the way. For example, the Lazarus Group used several DeFi protocols to launder funds after stealing over US$91 million of crypto from a centralised exchange. They were able to swap a variety of ERC-20 tokens for Ethereum. Using DeFi protocols, the hackers then went on to send the Ethereum to a mixer and swap it again to Bitcoin. Finally, the Bitcoin was moved to several centralised exchanges where it was liquidated for cash. This goes to show how hackers can abuse DeFi protocols for money laundering.
Importance of safety and compliance
Safety, compliance and regulation have become increasingly important in the cryptocurrency space. We shouldn’t expect theft to drop based on cryptocurrency market movements the way scamming does. As long as crypto assets held in DeFi protocol pools and other services have value and are vulnerable, bad actors will try to steal them.
The industry needs to shore up security and educate consumers on how to find safe projects to invest in. Law enforcement must also continue to develop their ability to seize stolen crypto to the point that hacks are no longer worthwhile.
DeFi regulation is a space which has yet to fully evolve. Headquartered in France, the Financial Action Task Force has provided guidance to monitor the growth of, and illicit financing risks associated with, DeFi and NFT markets and unhosted wallets. The draft EU regulation on Markets in Crypto Assets has also touched on this issue; however, formal action has yet to be taken on a global scale.
The foundational question of how best to tackle decentralised platforms that can run autonomously, without the support of a central company or person, to deliver services from crypto-exchange to lending and beyond remains front of mind.
Kim Grauer is director of research at Chainalysis.